package com.ding.config;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.sql.DataSource;

import org.activiti.engine.IdentityService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

import com.ding.service.UserService;
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter{
	
	AuthenticationSuccessHandler authenticationSuccessHandler;

	Logger logger=LoggerFactory.getLogger(WebSecurityConfig.class);
	
	@Autowired
	DataSource dataSource;
	
	@Autowired
	public WebSecurityConfig(IdentityService identityService,UserService userService) {
		this.authenticationSuccessHandler=new SavedRequestAwareAuthenticationSuccessHandler()
				{
					@Override
					public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
							Authentication authentication) throws IOException, ServletException {
						logger.info("用户认证成功");
						super.onAuthenticationSuccess(request, response, authentication);
					}
				};
				
	}
	
	@Autowired
	PasswordEncoder passwordEncode;
	
	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
	
		auth.jdbcAuthentication().dataSource(dataSource)
			.usersByUsernameQuery(JdbcDaoImpl.DEF_USERS_BY_USERNAME_QUERY)
			.authoritiesByUsernameQuery(JdbcDaoImpl.DEF_AUTHORITIES_BY_USERNAME_QUERY)
			.passwordEncoder(passwordEncode);
		
		/*
		auth.userDetailsService(new UserDetailsService() {
			
			@Override
			public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
				
				//可以使用Activiti的认证服务
		
				return null;
			}
		});
		*/
	}
	
	@Override
	protected void configure(HttpSecurity http) throws Exception {
	http
		.formLogin()
		.loginPage("/user/login")
		.successHandler(authenticationSuccessHandler)
		.permitAll()
	.and().logout()							
				.logoutUrl("/logout")		
				.logoutSuccessUrl("/")
	.and().rememberMe()			
				.tokenValiditySeconds(60*60*24*7)	
				.key("activitiKey")				
	.and().authorizeRequests()
				.antMatchers("/user/*").permitAll()
				.anyRequest().authenticated()
	.and().headers().frameOptions().disable()
	.and().csrf().disable()		
	;
	}	

	@Override
	public void configure(WebSecurity web) throws Exception {
		super.configure(web);
		web.ignoring().antMatchers("/css/*","/common/*");
	}
}
